b612/notify
1
0
Fork 0
Code Issues Pull Requests Projects Releases 10 Wiki Activity
notify/transport_codec.go

338 lines
9.4 KiB
Go
Raw Permalink Normal View History

feat(notify): 重构通信内核并补齐 stream/bulk/record/transfer 能力 - 引入 LogicalConn/TransportConn 分层,ClientConn 保留兼容适配层 - 新增 Stream、Bulk、RecordStream 三条数据面能力及对应控制路径 - 完成 transfer/file 传输内核与状态快照、诊断能力 - 补齐 reconnect、inbound dispatcher、modern psk 等基础模块 - 增加大规模回归、并发与基准测试覆盖 - 更新依赖库
2026-04-15 15:24:36 +08:00
package notify
import "errors"
var (
errClientSessionQueueUnavailable = errors.New("client session queue is unavailable")
errServerSessionQueueUnavailable = errors.New("server session queue is unavailable")
errTransportPayloadEncryptFailed = errors.New("transport payload encrypt failed")
errTransportPayloadDecryptFailed = errors.New("transport payload decrypt failed")
)
feat(transport): 完成安全架构拆分并收口 stream/bulk 传输优化 - 新增 managed/external/nested 三种传输保护模式 - 新增 peer attach 显式认证、抗重放、channel binding 和可选前向保密协商 - 明确单连接注入与可重拨连接源的语义边界 - 禁止 ConnectByConn 场景下 dedicated bulk 走 sidecar,auto 模式自动回退 shared - 修正 dedicated attach 在 bootstrap/steady profile 切换下的处理逻辑 - 优化 shared bulk super-batch 与批量 framed write 路径 - 降低 stream/bulk fast path 的复制和分发损耗 - 补齐 benchmark、回归测试、运行时快照和 README 文档
2026-04-20 16:35:44 +08:00
func encryptTransportPayloadCodec(mode ProtectionMode, runtime *modernPSKCodecRuntime, msgEn func([]byte, []byte) []byte, secretKey []byte, data []byte) ([]byte, error) {
if mode == ProtectionExternal {
return data, nil
}
fix: close stream adaptive gaps and switch notify to stario v0.1.1 - make stream fast path honor adaptive soft payload limits end-to-end - split oversized fast-stream payloads into sequential frames before batching - use adaptive soft cap when encoding stream batch payloads - move timeout-like error detection into production code for adaptive tx - tune notify FrameReader read size explicitly to avoid throughput regression - drop local stario replace and depend on released b612.me/stario v0.1.1
2026-04-18 16:05:57 +08:00
if runtime != nil {
encoded, err := runtime.sealPlainPayload(data)
if err != nil {
return nil, errTransportPayloadEncryptFailed
}
return encoded, nil
}
if msgEn == nil {
return nil, errTransportPayloadEncryptFailed
}
encoded := msgEn(secretKey, data)
if encoded == nil && len(data) != 0 {
return nil, errTransportPayloadEncryptFailed
}
return encoded, nil
}
feat(transport): 完成安全架构拆分并收口 stream/bulk 传输优化 - 新增 managed/external/nested 三种传输保护模式 - 新增 peer attach 显式认证、抗重放、channel binding 和可选前向保密协商 - 明确单连接注入与可重拨连接源的语义边界 - 禁止 ConnectByConn 场景下 dedicated bulk 走 sidecar,auto 模式自动回退 shared - 修正 dedicated attach 在 bootstrap/steady profile 切换下的处理逻辑 - 优化 shared bulk super-batch 与批量 framed write 路径 - 降低 stream/bulk fast path 的复制和分发损耗 - 补齐 benchmark、回归测试、运行时快照和 README 文档
2026-04-20 16:35:44 +08:00
func decryptTransportPayloadCodec(mode ProtectionMode, runtime *modernPSKCodecRuntime, msgDe func([]byte, []byte) []byte, secretKey []byte, data []byte) ([]byte, error) {
if mode == ProtectionExternal {
return data, nil
}
fix: close stream adaptive gaps and switch notify to stario v0.1.1 - make stream fast path honor adaptive soft payload limits end-to-end - split oversized fast-stream payloads into sequential frames before batching - use adaptive soft cap when encoding stream batch payloads - move timeout-like error detection into production code for adaptive tx - tune notify FrameReader read size explicitly to avoid throughput regression - drop local stario replace and depend on released b612.me/stario v0.1.1
2026-04-18 16:05:57 +08:00
if runtime != nil {
plain, err := runtime.openPayload(data)
if err != nil {
return nil, errTransportPayloadDecryptFailed
}
return plain, nil
}
if msgDe == nil {
return nil, errTransportPayloadDecryptFailed
}
plain := msgDe(secretKey, data)
if plain == nil && len(data) != 0 {
return nil, errTransportPayloadDecryptFailed
}
return plain, nil
}
feat(transport): 完成安全架构拆分并收口 stream/bulk 传输优化 - 新增 managed/external/nested 三种传输保护模式 - 新增 peer attach 显式认证、抗重放、channel binding 和可选前向保密协商 - 明确单连接注入与可重拨连接源的语义边界 - 禁止 ConnectByConn 场景下 dedicated bulk 走 sidecar,auto 模式自动回退 shared - 修正 dedicated attach 在 bootstrap/steady profile 切换下的处理逻辑 - 优化 shared bulk super-batch 与批量 framed write 路径 - 降低 stream/bulk fast path 的复制和分发损耗 - 补齐 benchmark、回归测试、运行时快照和 README 文档
2026-04-20 16:35:44 +08:00
func decryptTransportPayloadCodecPooled(mode ProtectionMode, runtime *modernPSKCodecRuntime, msgDe func([]byte, []byte) []byte, secretKey []byte, data []byte, release func()) ([]byte, func(), error) {
if mode == ProtectionExternal {
return data, release, nil
}
fix: close stream adaptive gaps and switch notify to stario v0.1.1 - make stream fast path honor adaptive soft payload limits end-to-end - split oversized fast-stream payloads into sequential frames before batching - use adaptive soft cap when encoding stream batch payloads - move timeout-like error detection into production code for adaptive tx - tune notify FrameReader read size explicitly to avoid throughput regression - drop local stario replace and depend on released b612.me/stario v0.1.1
2026-04-18 16:05:57 +08:00
if runtime != nil {
plain, plainRelease, err := runtime.openPayloadPooled(data, release)
if err != nil {
return nil, nil, errTransportPayloadDecryptFailed
}
return plain, plainRelease, nil
}
if msgDe == nil {
if release != nil {
release()
}
return nil, nil, errTransportPayloadDecryptFailed
}
plain := msgDe(secretKey, data)
if release != nil {
release()
}
if plain == nil && len(data) != 0 {
return nil, nil, errTransportPayloadDecryptFailed
}
return plain, nil, nil
}
feat(transport): 完成安全架构拆分并收口 stream/bulk 传输优化 - 新增 managed/external/nested 三种传输保护模式 - 新增 peer attach 显式认证、抗重放、channel binding 和可选前向保密协商 - 明确单连接注入与可重拨连接源的语义边界 - 禁止 ConnectByConn 场景下 dedicated bulk 走 sidecar,auto 模式自动回退 shared - 修正 dedicated attach 在 bootstrap/steady profile 切换下的处理逻辑 - 优化 shared bulk super-batch 与批量 framed write 路径 - 降低 stream/bulk fast path 的复制和分发损耗 - 补齐 benchmark、回归测试、运行时快照和 README 文档
2026-04-20 16:35:44 +08:00
func decryptTransportPayloadCodecOwnedPooled(mode ProtectionMode, runtime *modernPSKCodecRuntime, msgDe func([]byte, []byte) []byte, secretKey []byte, data []byte) ([]byte, func(), error) {
if mode == ProtectionExternal {
return data, nil, nil
}
fix: close stream adaptive gaps and switch notify to stario v0.1.1 - make stream fast path honor adaptive soft payload limits end-to-end - split oversized fast-stream payloads into sequential frames before batching - use adaptive soft cap when encoding stream batch payloads - move timeout-like error detection into production code for adaptive tx - tune notify FrameReader read size explicitly to avoid throughput regression - drop local stario replace and depend on released b612.me/stario v0.1.1
2026-04-18 16:05:57 +08:00
if runtime != nil {
plain, plainRelease, err := runtime.openPayloadOwnedPooled(data)
if err != nil {
return nil, nil, errTransportPayloadDecryptFailed
}
return plain, plainRelease, nil
}
if msgDe == nil {
return nil, nil, errTransportPayloadDecryptFailed
}
plain := msgDe(secretKey, data)
if plain == nil && len(data) != 0 {
return nil, nil, errTransportPayloadDecryptFailed
}
return plain, nil, nil
}
feat(notify): 重构通信内核并补齐 stream/bulk/record/transfer 能力 - 引入 LogicalConn/TransportConn 分层,ClientConn 保留兼容适配层 - 新增 Stream、Bulk、RecordStream 三条数据面能力及对应控制路径 - 完成 transfer/file 传输内核与状态快照、诊断能力 - 补齐 reconnect、inbound dispatcher、modern psk 等基础模块 - 增加大规模回归、并发与基准测试覆盖 - 更新依赖库
2026-04-15 15:24:36 +08:00
func (c *ClientCommon) encodeTransferMsg(msg TransferMsg) ([]byte, error) {
data, err := c.sequenceEn(msg)
if err != nil {
return nil, err
}
fix: close stream adaptive gaps and switch notify to stario v0.1.1 - make stream fast path honor adaptive soft payload limits end-to-end - split oversized fast-stream payloads into sequential frames before batching - use adaptive soft cap when encoding stream batch payloads - move timeout-like error detection into production code for adaptive tx - tune notify FrameReader read size explicitly to avoid throughput regression - drop local stario replace and depend on released b612.me/stario v0.1.1
2026-04-18 16:05:57 +08:00
data, err = c.encryptTransportPayload(data)
if err != nil {
return nil, err
}
feat(notify): 重构通信内核并补齐 stream/bulk/record/transfer 能力 - 引入 LogicalConn/TransportConn 分层,ClientConn 保留兼容适配层 - 新增 Stream、Bulk、RecordStream 三条数据面能力及对应控制路径 - 完成 transfer/file 传输内核与状态快照、诊断能力 - 补齐 reconnect、inbound dispatcher、modern psk 等基础模块 - 增加大规模回归、并发与基准测试覆盖 - 更新依赖库
2026-04-15 15:24:36 +08:00
queue := c.clientQueueSnapshot()
if queue == nil {
return nil, errClientSessionQueueUnavailable
}
return queue.BuildMessage(data), nil
}
func (c *ClientCommon) decodeTransferMsg(data []byte) (TransferMsg, error) {
fix: close stream adaptive gaps and switch notify to stario v0.1.1 - make stream fast path honor adaptive soft payload limits end-to-end - split oversized fast-stream payloads into sequential frames before batching - use adaptive soft cap when encoding stream batch payloads - move timeout-like error detection into production code for adaptive tx - tune notify FrameReader read size explicitly to avoid throughput regression - drop local stario replace and depend on released b612.me/stario v0.1.1
2026-04-18 16:05:57 +08:00
plain, err := c.decryptTransportPayload(data)
if err != nil {
return TransferMsg{}, err
}
msg, err := c.sequenceDe(plain)
feat(notify): 重构通信内核并补齐 stream/bulk/record/transfer 能力 - 引入 LogicalConn/TransportConn 分层,ClientConn 保留兼容适配层 - 新增 Stream、Bulk、RecordStream 三条数据面能力及对应控制路径 - 完成 transfer/file 传输内核与状态快照、诊断能力 - 补齐 reconnect、inbound dispatcher、modern psk 等基础模块 - 增加大规模回归、并发与基准测试覆盖 - 更新依赖库
2026-04-15 15:24:36 +08:00
if err != nil {
return TransferMsg{}, err
}
transfer, ok := msg.(TransferMsg)
if !ok {
return TransferMsg{}, errors.New("invalid transfer message")
}
return transfer, nil
}
func (s *ServerCommon) encodeTransferMsg(c *ClientConn, msg TransferMsg) ([]byte, error) {
data, err := s.sequenceEn(msg)
if err != nil {
return nil, err
}
feat(transport): 完成安全架构拆分并收口 stream/bulk 传输优化 - 新增 managed/external/nested 三种传输保护模式 - 新增 peer attach 显式认证、抗重放、channel binding 和可选前向保密协商 - 明确单连接注入与可重拨连接源的语义边界 - 禁止 ConnectByConn 场景下 dedicated bulk 走 sidecar,auto 模式自动回退 shared - 修正 dedicated attach 在 bootstrap/steady profile 切换下的处理逻辑 - 优化 shared bulk super-batch 与批量 framed write 路径 - 降低 stream/bulk fast path 的复制和分发损耗 - 补齐 benchmark、回归测试、运行时快照和 README 文档
2026-04-20 16:35:44 +08:00
logical := logicalConnFromClient(c)
feat(notify): 重构通信内核并补齐 stream/bulk/record/transfer 能力 - 引入 LogicalConn/TransportConn 分层,ClientConn 保留兼容适配层 - 新增 Stream、Bulk、RecordStream 三条数据面能力及对应控制路径 - 完成 transfer/file 传输内核与状态快照、诊断能力 - 补齐 reconnect、inbound dispatcher、modern psk 等基础模块 - 增加大规模回归、并发与基准测试覆盖 - 更新依赖库
2026-04-15 15:24:36 +08:00
msgEn := c.clientConnMsgEnSnapshot()
secretKey := c.clientConnSecretKeySnapshot()
feat(transport): 完成安全架构拆分并收口 stream/bulk 传输优化 - 新增 managed/external/nested 三种传输保护模式 - 新增 peer attach 显式认证、抗重放、channel binding 和可选前向保密协商 - 明确单连接注入与可重拨连接源的语义边界 - 禁止 ConnectByConn 场景下 dedicated bulk 走 sidecar,auto 模式自动回退 shared - 修正 dedicated attach 在 bootstrap/steady profile 切换下的处理逻辑 - 优化 shared bulk super-batch 与批量 framed write 路径 - 降低 stream/bulk fast path 的复制和分发损耗 - 补齐 benchmark、回归测试、运行时快照和 README 文档
2026-04-20 16:35:44 +08:00
mode := ProtectionManaged
if logical != nil {
mode = logical.protectionModeSnapshot()
}
data, err = encryptTransportPayloadCodec(mode, c.clientConnModernPSKRuntimeSnapshot(), msgEn, secretKey, data)
fix: close stream adaptive gaps and switch notify to stario v0.1.1 - make stream fast path honor adaptive soft payload limits end-to-end - split oversized fast-stream payloads into sequential frames before batching - use adaptive soft cap when encoding stream batch payloads - move timeout-like error detection into production code for adaptive tx - tune notify FrameReader read size explicitly to avoid throughput regression - drop local stario replace and depend on released b612.me/stario v0.1.1
2026-04-18 16:05:57 +08:00
if err != nil {
return nil, err
}
feat(notify): 重构通信内核并补齐 stream/bulk/record/transfer 能力 - 引入 LogicalConn/TransportConn 分层,ClientConn 保留兼容适配层 - 新增 Stream、Bulk、RecordStream 三条数据面能力及对应控制路径 - 完成 transfer/file 传输内核与状态快照、诊断能力 - 补齐 reconnect、inbound dispatcher、modern psk 等基础模块 - 增加大规模回归、并发与基准测试覆盖 - 更新依赖库
2026-04-15 15:24:36 +08:00
queue := s.serverQueueSnapshot()
if queue == nil {
return nil, errServerSessionQueueUnavailable
}
return queue.BuildMessage(data), nil
}
func (s *ServerCommon) decodeTransferMsg(c *ClientConn, data []byte) (TransferMsg, error) {
msgDe := c.clientConnMsgDeSnapshot()
secretKey := c.clientConnSecretKeySnapshot()
feat(transport): 完成安全架构拆分并收口 stream/bulk 传输优化 - 新增 managed/external/nested 三种传输保护模式 - 新增 peer attach 显式认证、抗重放、channel binding 和可选前向保密协商 - 明确单连接注入与可重拨连接源的语义边界 - 禁止 ConnectByConn 场景下 dedicated bulk 走 sidecar,auto 模式自动回退 shared - 修正 dedicated attach 在 bootstrap/steady profile 切换下的处理逻辑 - 优化 shared bulk super-batch 与批量 framed write 路径 - 降低 stream/bulk fast path 的复制和分发损耗 - 补齐 benchmark、回归测试、运行时快照和 README 文档
2026-04-20 16:35:44 +08:00
mode := ProtectionManaged
if logical := logicalConnFromClient(c); logical != nil {
mode = logical.protectionModeSnapshot()
}
plain, err := decryptTransportPayloadCodec(mode, c.clientConnModernPSKRuntimeSnapshot(), msgDe, secretKey, data)
fix: close stream adaptive gaps and switch notify to stario v0.1.1 - make stream fast path honor adaptive soft payload limits end-to-end - split oversized fast-stream payloads into sequential frames before batching - use adaptive soft cap when encoding stream batch payloads - move timeout-like error detection into production code for adaptive tx - tune notify FrameReader read size explicitly to avoid throughput regression - drop local stario replace and depend on released b612.me/stario v0.1.1
2026-04-18 16:05:57 +08:00
if err != nil {
return TransferMsg{}, err
}
msg, err := s.sequenceDe(plain)
feat(notify): 重构通信内核并补齐 stream/bulk/record/transfer 能力 - 引入 LogicalConn/TransportConn 分层,ClientConn 保留兼容适配层 - 新增 Stream、Bulk、RecordStream 三条数据面能力及对应控制路径 - 完成 transfer/file 传输内核与状态快照、诊断能力 - 补齐 reconnect、inbound dispatcher、modern psk 等基础模块 - 增加大规模回归、并发与基准测试覆盖 - 更新依赖库
2026-04-15 15:24:36 +08:00
if err != nil {
return TransferMsg{}, err
}
transfer, ok := msg.(TransferMsg)
if !ok {
return TransferMsg{}, errors.New("invalid transfer message")
}
return transfer, nil
}
func (c *ClientCommon) encodeEnvelopePayload(env Envelope) ([]byte, error) {
data, err := c.encodeEnvelopePlain(env)
if err != nil {
return nil, err
}
return c.encryptTransportPayload(data)
}
func (c *ClientCommon) encodeEnvelopePlain(env Envelope) ([]byte, error) {
data, err := c.sequenceEn(env)
if err != nil {
return nil, err
}
return data, nil
}
func (c *ClientCommon) encryptTransportPayload(data []byte) ([]byte, error) {
feat(transport): 完成安全架构拆分并收口 stream/bulk 传输优化 - 新增 managed/external/nested 三种传输保护模式 - 新增 peer attach 显式认证、抗重放、channel binding 和可选前向保密协商 - 明确单连接注入与可重拨连接源的语义边界 - 禁止 ConnectByConn 场景下 dedicated bulk 走 sidecar,auto 模式自动回退 shared - 修正 dedicated attach 在 bootstrap/steady profile 切换下的处理逻辑 - 优化 shared bulk super-batch 与批量 framed write 路径 - 降低 stream/bulk fast path 的复制和分发损耗 - 补齐 benchmark、回归测试、运行时快照和 README 文档
2026-04-20 16:35:44 +08:00
profile := c.clientTransportProtectionSnapshot()
return encryptTransportPayloadCodec(profile.mode, profile.runtime, profile.msgEn, profile.secretKey, data)
feat(notify): 重构通信内核并补齐 stream/bulk/record/transfer 能力 - 引入 LogicalConn/TransportConn 分层,ClientConn 保留兼容适配层 - 新增 Stream、Bulk、RecordStream 三条数据面能力及对应控制路径 - 完成 transfer/file 传输内核与状态快照、诊断能力 - 补齐 reconnect、inbound dispatcher、modern psk 等基础模块 - 增加大规模回归、并发与基准测试覆盖 - 更新依赖库
2026-04-15 15:24:36 +08:00
}
func (c *ClientCommon) encodeEnvelope(env Envelope) ([]byte, error) {
data, err := c.encodeEnvelopePayload(env)
if err != nil {
return nil, err
}
queue := c.clientQueueSnapshot()
if queue == nil {
return nil, errClientSessionQueueUnavailable
}
return queue.BuildMessage(data), nil
}
func (c *ClientCommon) decodeEnvelope(data []byte) (Envelope, error) {
plain, err := c.decryptTransportPayload(data)
if err != nil {
return Envelope{}, err
}
return c.decodeEnvelopePlain(plain)
}
func (c *ClientCommon) decryptTransportPayload(data []byte) ([]byte, error) {
feat(transport): 完成安全架构拆分并收口 stream/bulk 传输优化 - 新增 managed/external/nested 三种传输保护模式 - 新增 peer attach 显式认证、抗重放、channel binding 和可选前向保密协商 - 明确单连接注入与可重拨连接源的语义边界 - 禁止 ConnectByConn 场景下 dedicated bulk 走 sidecar,auto 模式自动回退 shared - 修正 dedicated attach 在 bootstrap/steady profile 切换下的处理逻辑 - 优化 shared bulk super-batch 与批量 framed write 路径 - 降低 stream/bulk fast path 的复制和分发损耗 - 补齐 benchmark、回归测试、运行时快照和 README 文档
2026-04-20 16:35:44 +08:00
profile := c.clientTransportProtectionSnapshot()
return decryptTransportPayloadCodec(profile.mode, profile.runtime, profile.msgDe, profile.secretKey, data)
feat(notify): 重构通信内核并补齐 stream/bulk/record/transfer 能力 - 引入 LogicalConn/TransportConn 分层,ClientConn 保留兼容适配层 - 新增 Stream、Bulk、RecordStream 三条数据面能力及对应控制路径 - 完成 transfer/file 传输内核与状态快照、诊断能力 - 补齐 reconnect、inbound dispatcher、modern psk 等基础模块 - 增加大规模回归、并发与基准测试覆盖 - 更新依赖库
2026-04-15 15:24:36 +08:00
}
func (c *ClientCommon) decodeEnvelopePlain(data []byte) (Envelope, error) {
msg, err := c.sequenceDe(data)
if err != nil {
return Envelope{}, err
}
env, ok := msg.(Envelope)
if ok {
return env, nil
}
transfer, ok := msg.(TransferMsg)
if !ok {
return Envelope{}, errors.New("invalid envelope")
}
wrapped, err := wrapTransferMsgEnvelope(transfer, c.sequenceEn)
if err != nil {
return Envelope{}, err
}
return wrapped, nil
}
func (s *ServerCommon) encodeEnvelope(c *ClientConn, env Envelope) ([]byte, error) {
return s.encodeEnvelopeLogical(logicalConnFromClient(c), env)
}
func (s *ServerCommon) encodeEnvelopePayloadLogical(logical *LogicalConn, env Envelope) ([]byte, error) {
if logical == nil {
return nil, errTransportDetached
}
data, err := s.encodeEnvelopePlain(env)
if err != nil {
return nil, err
}
return s.encryptTransportPayloadLogical(logical, data)
}
func (s *ServerCommon) encodeEnvelopePlain(env Envelope) ([]byte, error) {
data, err := s.sequenceEn(env)
if err != nil {
return nil, err
}
return data, nil
}
func (s *ServerCommon) encryptTransportPayloadLogical(logical *LogicalConn, data []byte) ([]byte, error) {
if logical == nil {
return nil, errTransportDetached
}
msgEn := logical.msgEnSnapshot()
secretKey := logical.secretKeySnapshot()
if msgEn == nil {
return nil, errTransportDetached
}
feat(transport): 完成安全架构拆分并收口 stream/bulk 传输优化 - 新增 managed/external/nested 三种传输保护模式 - 新增 peer attach 显式认证、抗重放、channel binding 和可选前向保密协商 - 明确单连接注入与可重拨连接源的语义边界 - 禁止 ConnectByConn 场景下 dedicated bulk 走 sidecar,auto 模式自动回退 shared - 修正 dedicated attach 在 bootstrap/steady profile 切换下的处理逻辑 - 优化 shared bulk super-batch 与批量 framed write 路径 - 降低 stream/bulk fast path 的复制和分发损耗 - 补齐 benchmark、回归测试、运行时快照和 README 文档
2026-04-20 16:35:44 +08:00
return encryptTransportPayloadCodec(logical.protectionModeSnapshot(), logical.modernPSKRuntimeSnapshot(), msgEn, secretKey, data)
feat(notify): 重构通信内核并补齐 stream/bulk/record/transfer 能力 - 引入 LogicalConn/TransportConn 分层,ClientConn 保留兼容适配层 - 新增 Stream、Bulk、RecordStream 三条数据面能力及对应控制路径 - 完成 transfer/file 传输内核与状态快照、诊断能力 - 补齐 reconnect、inbound dispatcher、modern psk 等基础模块 - 增加大规模回归、并发与基准测试覆盖 - 更新依赖库
2026-04-15 15:24:36 +08:00
}
func (s *ServerCommon) encodeEnvelopeLogical(logical *LogicalConn, env Envelope) ([]byte, error) {
data, err := s.encodeEnvelopePayloadLogical(logical, env)
if err != nil {
return nil, err
}
queue := s.serverQueueSnapshot()
if queue == nil {
return nil, errServerSessionQueueUnavailable
}
return queue.BuildMessage(data), nil
}
func (s *ServerCommon) decodeEnvelope(c *ClientConn, data []byte) (Envelope, error) {
return s.decodeEnvelopeLogical(logicalConnFromClient(c), data)
}
func (s *ServerCommon) decodeEnvelopeLogical(logical *LogicalConn, data []byte) (Envelope, error) {
if logical == nil {
return Envelope{}, errTransportDetached
}
plain, err := s.decryptTransportPayloadLogical(logical, data)
if err != nil {
return Envelope{}, err
}
return s.decodeEnvelopePlain(plain)
}
func (s *ServerCommon) decryptTransportPayloadLogical(logical *LogicalConn, data []byte) ([]byte, error) {
if logical == nil {
return nil, errTransportDetached
}
msgDe := logical.msgDeSnapshot()
secretKey := logical.secretKeySnapshot()
if msgDe == nil {
return nil, errTransportDetached
}
feat(transport): 完成安全架构拆分并收口 stream/bulk 传输优化 - 新增 managed/external/nested 三种传输保护模式 - 新增 peer attach 显式认证、抗重放、channel binding 和可选前向保密协商 - 明确单连接注入与可重拨连接源的语义边界 - 禁止 ConnectByConn 场景下 dedicated bulk 走 sidecar,auto 模式自动回退 shared - 修正 dedicated attach 在 bootstrap/steady profile 切换下的处理逻辑 - 优化 shared bulk super-batch 与批量 framed write 路径 - 降低 stream/bulk fast path 的复制和分发损耗 - 补齐 benchmark、回归测试、运行时快照和 README 文档
2026-04-20 16:35:44 +08:00
return decryptTransportPayloadCodec(logical.protectionModeSnapshot(), logical.modernPSKRuntimeSnapshot(), msgDe, secretKey, data)
feat(notify): 重构通信内核并补齐 stream/bulk/record/transfer 能力 - 引入 LogicalConn/TransportConn 分层,ClientConn 保留兼容适配层 - 新增 Stream、Bulk、RecordStream 三条数据面能力及对应控制路径 - 完成 transfer/file 传输内核与状态快照、诊断能力 - 补齐 reconnect、inbound dispatcher、modern psk 等基础模块 - 增加大规模回归、并发与基准测试覆盖 - 更新依赖库
2026-04-15 15:24:36 +08:00
}
func (s *ServerCommon) decodeEnvelopePlain(data []byte) (Envelope, error) {
msg, err := s.sequenceDe(data)
if err != nil {
return Envelope{}, err
}
env, ok := msg.(Envelope)
if ok {
return env, nil
}
transfer, ok := msg.(TransferMsg)
if !ok {
return Envelope{}, errors.New("invalid envelope")
}
wrapped, err := wrapTransferMsgEnvelope(transfer, s.sequenceEn)
if err != nil {
return Envelope{}, err
}
return wrapped, nil
}
Reference in New Issue Copy Permalink